Enable different security models

An XCCDF Rule

Details
Profiles
Prose

Description

This allows you to choose different security modules to be configured into your kernel. The configuration that was used to build kernel is available at /boot/config-*. To check the configuration value for CONFIG_SECURITY, run the following command: grep CONFIG_SECURITY /boot/config-* For each kernel installed, a line with value "y" should be returned.

warning alert: Warning

There is no remediation for this besides re-compiling the kernel with the appropriate value for the config.

Rationale

This is enables kernel security primitives required by the LSM framework.

ID: xccdf_org.ssgproject.content_rule_kernel_config_security
Severity: Medium
References: BP28(R20)
Updated: about 1 year ago